I try to use LdapExtLoginModue to authenticate over a windows active directory.
For some of my users I have a very strange exception:
[url]Exception in thread "main" javax.security.auth.login.FailedLoginException:
Password Incorrect/Password Required
at
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:213)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at
javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
at java.security.AccessController.doPrivileged(Native Method)
at
javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
at Main.main(Main.java:41)
Caused by: javax.naming.PartialResultException: Unprocessed Continuation
Reference(s); remaining name 'dc=fr,dc=mycompany,dc=net'
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2763)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
at
com.sun.jndi.ldap.LdapNamingEnumeration.getNextBatch(LdapNamingEnumeration.java:129)
at
com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImpl(LdapNamingEnumeration.java:198)
at
com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(LdapNamingEnumeration.java:171)
at
org.jboss.security.auth.spi.LdapExtLoginModule.rolesSearch(LdapExtLoginModule.java:421)
at
org.jboss.security.auth.spi.LdapExtLoginModule.createLdapInitContext(LdapExtLoginModule.java:348)
at
org.jboss.security.auth.spi.LdapExtLoginModule.validatePassword(LdapExtLoginModule.java:229)
at
org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:210)
... 11 more[/url]
When the login module tries to get the role of the authenticated user, the
roleSearch method failed. I go through this method with a debugger.
ctxt.search return a NamingEnumeration that contains 1 element, a while iterate
over the enumeration. Exception is thrown in the while when the hasMore method
is invoked for the second time.
I have patch the code to replace hasMore with hasMoreElements. That fiw my
problem.
Finally I replace in searchRole and bindDNAuthentication methods the hasMore()
by hasMoreElements().
I'm not able to understand why hasMore method throws an exception for some of
my config and not for others.
Is that a bug in the LdapExtLoginModule ???
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4012887#4012887
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4012887
_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user
